Date: 2020-04-23

Amanda Finch, CEO of the Chartered Institute of Information Security (CIISec), has written to SC Media UK to provide her predictions for the post-coronavirus technology and security landscape:

Creativity will flourish, as security teams are forced to do more with less

“Security budgets are already feeling the pinch from Coronavirus, as organisations tighten their belts to get through this indeterminate period of reduced activity – even as the flood of new attacks makes security more valuable than ever. However, with a recession seemingly inevitable given the economic damage the virus has already caused, budgets will be stretched even tighter. There will be a need to do more with less; whether that means automating key business processes, or relying on upstream service providers who can provide essential capabilities more cost-effectively.

“However, as these approaches can also open new avenues for attackers, security teams will develop creative new ways to shut down opportunities. This may be as simple as increased collaboration, as security researchers use new ways to share potential threats and processes – especially as in-person security conferences are likely to become rarer. Or it may mean automating as many security processes as possible, while still keeping an essential level of human decision that removes the ability of attackers to predict and identify weaknesses.”

Organisations should not mistake ICO inactivity now for leniency later

“As the coronavirus outbreak continues, the ICO will no doubt experience an exponential growth in its workload. Adherence to GDPR, for instance, may begin to slip over time as employees continue to work from home and the lines between personal and work devices blur. Corporate data may very well make its way onto domestic devices – whether phones, tablets or laptops – and shadow IT may also pose a problem as employees opt for systems and tools they prefer but that are not ‘work-approved’. Adding to this storm even further is the multitude of coronavirus-related scams and cyber-attacks targeting individuals and organisations alike.

“It’s almost certain the ICO will not have the bandwidth to assess every single report that comes in over this period. Instead it will need to prioritise, focusing first and foremost on the most serious cases and allowing a backlog to be created for less crucial incidents. However, this does not mean that organisations can loosen their grips on security processes and reporting protocols. The ICO will eventually catch up and organisations need to ensure they remain compliant throughout the pandemic; the last thing any business needs is a large fine and possible reputational damage after an already very challenging few months.”

The greatest challenges will come post-epidemic

“While Coronavirus presented immediate challenges, its real impact will only be felt after the lockdown has finished. As well as the potential of a recession, and delayed ICO fines, many security projects will have been postponed or cancelled for the immediate future – meaning organisations will have to race to catch up whilst attackers have had a golden opportunity to streak ahead. At the same time, ensuring that all data, which has been put at risk in the rush to adapt to remote working, is brought back under corporate control will be a mammoth task. This doesn’t even take into account that there may be multiple lockdowns before the virus is ultimately brought under control.

“This will inevitably lead to greater pressure on security teams, and a higher risk of burnout. To avoid this, it’s essential that organisations and security teams don’t see the current situation as an aberration that will be swiftly followed by normal service. Instead, it’s the first step in what will be a long-term transformation of the challenges and opportunities that security teams face. Using the current lockdown to prepare, instead of simply reacting to immediate needs, will be key to security teams’ ability to weather the challenges ahead.”

There will be a golden opportunity to welcome a new generation of security analysts into the industry

“Career progression for many has halted and concerns over furloughing and unemployment are prevalent. Some may also be reassessing their current position and whether they want to remain or return once “life as normal” has recommenced. Many individuals are seeing this as an opportunity to upskill and to learn new things across areas they may have never explored before. The sudden rush to “WFH” has also forced many workers to become more digitally literate – including an increased awareness of cyber-security best practices as workers seek to protect their workloads and own personal data.

“This could provide a ripe opportunity for the cyber-security industry – traditionally with a reputation for being “pale, male and stale” – to recruit outside of its usual narrow bracket. While many security employees will likely have come from STEM backgrounds, cyber-security covers a broad spectrum and demands an array of skillsets, many of which individuals across other industries will already possess.

“For instance, someone with a background in English Literature may be particularly adept at, and find satisfaction in, comparing and analysing information from separate sources – a skill in great demand in IT security. This, coupled with the fact that many individuals will be upskilling independently, provides a potentially golden opportunity for the cyber-security industry to build a multi-faceted, diverse workforce.”

In-person site visits will become rarer and more intensive

“Millions of people were thrust into a steep learning curve as they attempted to adjust to working from home – and security analysts were no exception. There has been a rapid reappraisal of what activity truly needs an on-site visit, and what can be equally completed remotely – even if processes and tools need a few workarounds and modifications. For instance, while some penetration testing is only possible in person, anything that can be simulated online will be.

“As it becomes clear which activity can be completed just as easily without the complication, expense and, at present, risk of an in-person visit, site visits will be much harder to justify even after Coronavirus is consigned to the history books. Instead, while rarer, any on-site visit will be much more intensive; with analysts expected to complete in one visit what might have been previously done over a number of months.”